1174 matches found
Oracle Database Server LT.ROLLBACKWORKSPACE SQL Injection (CVE-2009-0978)
Oracle Database Server is an enterprise-level relational database application suite. To extend the functionality of the Oracle Database Server, extra packages of related program objects, i.e., procedures, functions, variables, constants, cursors, and exceptions, are provided in order to better...
Oracle Database sys.pbsde.init Procedure Buffer Overflow (CVE-2005-3438)
Stored procedures are a powerful feature of an Oracle database server. They are essentially a set of SQL statements that are stored server-side, which are called by name and optionally passed a set of parameters. Stored procedures provide improved performance, because only data specific to the...
Oracle Database Server ctxsys.driload Access Validation (CVE-2004-0637)
Stored procedures are a powerful feature of an Oracle database server. They are essentially a set of SQL statements that are stored server-side, which are called by name and optionally passed a set of parameters. Stored procedures provide improved performance, because only data specific to the...
Oracle Database Server MDSYS.SDO_LRS Package SQL Injection (CVE-2006-5340)
Oracle Database Server is an enterprise-level relational database application suite. To extend the functionality of the Oracle Database Server, extra packages of related program objects, i.e. procedures, functions, variables, constants, cursors, and exceptions, are provided in order to better...
Ipswitch WhatsUp Web Interface SQL Injection (CVE-2005-1250)
WhatsUp Professional 2005 is a network monitoring and resource management solution. WhatsUp Professional uses a relational database to store the information about user accounts and network devices that are monitored by the application. The relational databases supported by WhatsUp Professional ar...
TGS CMS 0.x SQL Injection / XSS / Disclosure
alertdocument.cookie The Risk: By exploiting this vulnerability, an attacker can inject malicious code in the script and can steal cookies. Fix the vulnerability: Encode output...
Using a low-privileged Oracle database account to gain OS access permissions - bug warning - the black bar safety net
Author: Mickey. These days I looked at the document called "Penetration: from application down to OS Oracle" and found it quite interesting. The document probably means that, if the ORACLE service is started using the administrator account, as long as you have resource and connect privileg...
glFusion <= 1.1.2 COM_applyFilter()/cookies Blind SQL Injection Exploit
No description provided by source. ?php / glFusion = 1.1.2 COMapplyFilter/cookies remote blind sql injection exploit by Nine:Situations:Group::bookoo our site: http://retrogod.altervista.org/ software site: http://www.glfusion.org/ google dork: "Page created in" "seconds by glFusion" +RSS Found...
GLSA-200903-27 : ProFTPD: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200903-27 ProFTPD: Multiple vulnerabilities The following vulnerabilities were reported: Percent characters in the username are not properly handled, which introduces a single quote character during variable substitution by modsql...
ProFTPD: Multiple vulnerabilities
Background ProFTPD is an advanced and very configurable FTP server. Description The following vulnerabilities were reported: Percent characters in the username are not properly handled, which introduces a single quote character during variable substitution by modsql CVE-2009-0542. Some invalid,...
SuSE Update for OpenOffice_org SUSE-SA:2007:067
Check for the Version of OpenOfficeorg OpenVAS Vulnerability Test $Id: gbsuse2007067.nasl 8050 2017-12-08 09:34:29Z santu $ SuSE Update for OpenOfficeorg SUSE-SA:2007:067 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is...
Gentoo Security Advisory GLSA 200812-20 (phpcollab)
The remote host is missing updates announced in advisory GLSA 200812-20. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200812-20 (phpcollab)
The remote host is missing updates announced in advisory GLSA 200812-20. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Openfire Server <= 3.6.0a (Auth Bypass/SQL/XSS) Multiple Vulnerability
Exploit for unknown platform in category web applications ======================================================================== Openfire Server = 3.6.0a Auth Bypass/SQL/XSS Multiple Vulnerabilities ======================================================================== Advisory: Openfire Serv...
The latest Discuz! NT 2.5 vulnerability to report! - Vulnerability warning - the black bar safety net
Title: the latest Discuz! NT 2.5 vulnerability to report! Author: hackest H. S. T. This article has been published in the hacker X-Files for 2 0 0 8 P 1 0 issue of the magazine on After the author published on the blog, such as reproduced please retain this information! Summer, passion in August,...
Gentoo Security Advisory GLSA 200608-10 (pike)
The remote host is missing updates announced in advisory GLSA 200608-10. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-523)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE 10 Security Update : OpenOffice_org (OpenOffice_org-4802)
This update of OpenOfficeorg adds restrictions to SQL statements of Java-based databases to avoid the execution of native Java code by creating procedures. CVE-2007-4575 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
GLSA-200712-25 : OpenOffice.org: User-assisted arbitrary code execution
The remote host is affected by the vulnerability described in GLSA-200712-25 OpenOffice.org: User-assisted arbitrary code execution The HSQLDB engine, as used in Openoffice.org, does not properly enforce restrictions to SQL statements. Impact : A remote attacker could entice a user to open a...
SuSE 10 Security Update : OpenOffice_org (ZYPP Patch Number 4770)
This update of OpenOfficeorg adds restrictions to SQL statements of Java-based databases to avoid the execution of native Java code by creating procedures. CVE-2007-4575 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...